Merge pull request #545 from moobyfr/fix-xauth

Fix xauth
author: Idan Freiberg <speidy@gmail.com> 2016-12-19 01:59:19 -0500
committer: GitHub <noreply@github.com> 2016-12-19 01:59:19 -0500
commit: a11af2bc95cc25a6e394f94640543cca494f3e27 (patch)
tree: a6bb821d1551f74850ae124ea8df11bc0c14c0e4 /sesman
parent: 449407ebf158de774ba5a6a9d444a2550b7853e1 (diff)
parent: a2d7720887b25304b2e10940fdefb2602bf8fc88 (diff)
download: xrdp-proprietary-a11af2bc95cc25a6e394f94640543cca494f3e27.tar.gz
xrdp-proprietary-a11af2bc95cc25a6e394f94640543cca494f3e27.zip
4 files changed, 129 insertions, 0 deletions
diff --git a/sesman/Makefile.am b/sesman/Makefile.am
index 6b71e4bf..89b99f54 100644
--- a/sesman/Makefile.am
+++ b/sesman/Makefile.am
@@ -57,6 +57,8 @@ xrdp_sesman_SOURCES = \
   session.h \
   sig.c \
   sig.h \
+  xauth.c \
+  xauth.h \
   $(AUTH_C)
 
 xrdp_sesman_LDADD = \
diff --git a/sesman/session.c b/sesman/session.c
index 783665cf..4e51867f 100644
--- a/sesman/session.c
+++ b/sesman/session.c
@@ -39,6 +39,7 @@
 
 #include "sesman.h"
 #include "libscp_types.h"
+#include "xauth.h"
 
 #ifndef PR_SET_NO_NEW_PRIVS
 #define PR_SET_NO_NEW_PRIVS 38
@@ -441,6 +442,7 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
     struct list *xserver_params = (struct list *)NULL;
     struct tm stime;
     time_t ltime;
+    char authfile[256]; /* The filename for storing xauth informations */
 
     /* initialize (zero out) local variables: */
     g_memset(&ltime, 0, sizeof(time_t));
@@ -676,6 +678,22 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
                 g_snprintf(text, 255, "%d", g_cfg->sess.kill_disconnected);
                 g_setenv("XRDP_SESMAN_KILL_DISCONNECTED", text, 1);
 
+                /* prepare the Xauthority stuff */
+                if (g_getenv("XAUTHORITY") != NULL)
+                {
+                    g_snprintf(authfile, 255, "%s", g_getenv("XAUTHORITY"));
+                }
+                else
+                {
+                    g_snprintf(authfile, 255, "%s", ".Xauthority");
+                }
+
+                /* Add the entry in XAUTHORITY file or exit if error */
+                if (add_xauth_cookie(display, authfile) != 0)
+                {
+                    g_exit(1);
+                }
+
                 if (type == SESMAN_SESSION_TYPE_XORG)
                 {
 #ifdef HAVE_SYS_PRCTL_H
@@ -702,6 +720,8 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
                     /* these are the must have parameters */
                     list_add_item(xserver_params, (tintptr) g_strdup(xserver));
                     list_add_item(xserver_params, (tintptr) g_strdup(screen));
+                    list_add_item(xserver_params, (tintptr) g_strdup("-auth"));
+                    list_add_item(xserver_params, (tintptr) g_strdup(authfile));
 
                     /* additional parameters from sesman.ini file */
                     list_append_list_strdup(g_cfg->xorg_params, xserver_params, 1);
@@ -737,6 +757,8 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
                     /* these are the must have parameters */
                     list_add_item(xserver_params, (tintptr)g_strdup(xserver));
                     list_add_item(xserver_params, (tintptr)g_strdup(screen));
+                    list_add_item(xserver_params, (tintptr)g_strdup("-auth"));
+                    list_add_item(xserver_params, (tintptr)g_strdup(authfile));
                     list_add_item(xserver_params, (tintptr)g_strdup("-geometry"));
                     list_add_item(xserver_params, (tintptr)g_strdup(geometry));
                     list_add_item(xserver_params, (tintptr)g_strdup("-depth"));
@@ -768,6 +790,8 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
                     /* these are the must have parameters */
                     list_add_item(xserver_params, (tintptr)g_strdup(xserver));
                     list_add_item(xserver_params, (tintptr)g_strdup(screen));
+                    list_add_item(xserver_params, (tintptr)g_strdup("-auth"));
+                    list_add_item(xserver_params, (tintptr)g_strdup(authfile));
                     list_add_item(xserver_params, (tintptr)g_strdup("-geometry"));
                     list_add_item(xserver_params, (tintptr)g_strdup(geometry));
                     list_add_item(xserver_params, (tintptr)g_strdup("-depth"));
diff --git a/sesman/xauth.c b/sesman/xauth.c
new file mode 100644
index 00000000..003fb866
--- /dev/null
+++ b/sesman/xauth.c
@@ -0,0 +1,62 @@
+/**
+ * xrdp: A Remote Desktop Protocol server.
+ *
+ * Copyright (C) Emmanuel Blindauer 2016
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ *
+ * @file xauth.c
+ * @brief XAUTHORITY handling code
+ *
+ */
+
+#include <stdio.h>
+#include "log.h"
+#include "os_calls.h"
+
+
+/******************************************************************************/
+int DEFAULT_CC
+add_xauth_cookie(int display, const char *file)
+{
+    FILE *dp;
+    char cookie_str[33];
+    char cookie_bin[16];
+    char xauth_str[256];
+    int ret;
+
+    g_random(cookie_bin, 16);
+    g_bytes_to_hexstr(cookie_bin, 16, cookie_str, 33);
+
+    g_sprintf(xauth_str, "xauth -q -f %s add :%d . %s",
+                file, display, cookie_str);
+
+    dp = popen(xauth_str, "r");
+    if (dp == NULL)
+    {
+        log_message(LOG_LEVEL_ERROR, "Unable to launch xauth");
+        return 1;
+    }
+
+    ret = pclose(dp);
+    if (ret < 0)
+    {
+        log_message(LOG_LEVEL_ERROR, "An error occurred while running xauth");
+        return 1;
+    }
+
+    return 0;
+}
diff --git a/sesman/xauth.h b/sesman/xauth.h
new file mode 100644
index 00000000..3254d635
--- /dev/null
+++ b/sesman/xauth.h
@@ -0,0 +1,41 @@
+/**
+ * xrdp: A Remote Desktop Protocol server.
+ *
+ * Copyright (C) Emmanuel Blindauer 2016
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ *
+ * @file xauth.c
+ * @brief XAUTHORITY handling code
+ *
+ */
+
+#ifndef XAUTH_H
+#define XAUTH_H
+
+/**
+ *
+ * @brief create the XAUTHORITY file for the user according to the display and the cookie
+ *        xauth uses XAUTHORITY if defined, ~/.Xauthority otherwise
+ * @param display The session display
+ * @param file If not NULL, write the authorization in the file instead of default location
+ * @return 0 if adding the cookie is ok
+ */
+
+int DEFAULT_CC
+add_xauth_cookie(int display, const char *file);
+
+#endif
author	Idan Freiberg <speidy@gmail.com>	2016-12-19 01:59:19 -0500
committer	GitHub <noreply@github.com>	2016-12-19 01:59:19 -0500
commit	a11af2bc95cc25a6e394f94640543cca494f3e27 (patch)
tree	a6bb821d1551f74850ae124ea8df11bc0c14c0e4 /sesman
parent	449407ebf158de774ba5a6a9d444a2550b7853e1 (diff)
parent	a2d7720887b25304b2e10940fdefb2602bf8fc88 (diff)
download	xrdp-proprietary-a11af2bc95cc25a6e394f94640543cca494f3e27.tar.gz xrdp-proprietary-a11af2bc95cc25a6e394f94640543cca494f3e27.zip